DETAILED ACTION

1. This action is responsive to communications: application, filed 9/30/2003; 
amendment filed 7/24/2007. 

2. Claims 1-34 are pending in the case. 

Response to Arguments 

3. Rejection of claim 11 under 35 U.S.C. 112, second paragraph is withdrawn due
to applicant's amendments. 

4. Applicant's arguments regarding claim rejection under 35 U.S.C. 102(e) have
been fully considered and are persuasive. The new limitations added to the independent
claims have created a cause for new ground for rejection, the details of which are outlined
in the following sections. Therefore, all pending claims are rejected under 35 U.S.C. 
103(a). 

Claim Rejections - 35 USC §112 

1. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

2. Claims 1, 10, 17 and 25 rejected under 35 U.S.C. 112, second paragraph, as
being indefinite for failing to particularly point out and distinctly claim the subject matter
which applicant regards as the invention. The claims require a request intercepted for
processing unbeknownst to the requestor. It is not clear how the phrase "unbeknownst
to the requestor" further limits the claim. The phrase does not specify a specific function, 
procedure or step. Applicant's specification is completely silent about what is meant by 
"unbeknownst to the requestor". 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1, 2, 10, 11, 17, 18, 25, 26 rejected under 35 U.S.C. 103(a) as being
unpatentable over Xiong (US Patent No. 7,096,490, filed March 20, 2002) and further in
view of Gabber (US Patent No. 5,961,593, dated October 5, 1999).

4.1. As per claim 1, Xiong and Gabber are directed to a method for generating
temporarily assigned identity information (Gabber abstract, where the substitute 
identifier is the temporary assigned identity information) comprising: authenticating 
identity information associated with a request received from a requestor for accessing 
a service, wherein the request is sent from the requestor to the service and intercepted 
for processing unbeknownst to the requestor (Xiong col. 5 line 23 to col. 6 line 27,
teaches a request for authentication from the client to the ISP intercepted by an
auto-configuration device 10. Device 10 negotiates the authentication protocol and user
identity and password to be used for authentication that is supported by both the client 
and the ISP); generating temporarily assigned identity information for the requestor 
(Xiong teaches presenting encrypted user ID and password in place of the unencrypted 
user ID and password for authentication. However, Xiong does not explicitly teach 
generation of a temporary assigned identity for the requestor. Gabber teaches 
generation of an alias (temporary assigned identity) to replace the user ID (Gabber col.
11 lines 15-37)); updating a protected identity directory with the temporarily assigned
identity information (Gabber col. 11 line 37-53 shows that the substitute id (temporary
id) is computed based on the stored data (ID, secret domain-name), which is 
equivalent of a directory. Note that Gabber col. 12 line 8-18 teaches that keeping a 
directory to translate user data to substitute data is part of prior art); and directly 
transmitting the request and the temporarily assigned identity information to the service 
on behalf of the requester (Gabber col. 11 line 36-66), wherein the service accesses 
the protected identity directory with the temporarily assigned identity information to 
authenticate the requestor for access (Gabber col. 11 lines 37-53 shows the server
requests authentication data from proxy site 110a (which provides the temporary
assigned identity information) and receives the authentication data from the proxy), and 
wherein the temporarily assigned identity information syntax and semantic format 
recognized and expected by the service for authentication access to the service 
(Gabber's substitute ID is used to authenticate the user to the service, therefore,
matched the syntax and semantic format of the service. Also, Xiong col. 5 line 23 to 
col. 6 line 27 shows that the auto-configuration device adjusts the protocol such that 
both the client and the ISP (service) support the authentication protocol). 

Gabber and Xiong are analogous art as they are both directed to facilitating 
authentication between a client and a server. At the time of invention, it would have 
been obvious to the one skilled in art to enhance Xiong's system of auto-configuring 
the authentication protocol, by adding a temporary user ID to protect the identity of the 
user. The motivation to do so would have been to protect the identity of the user and 
eliminating unwanted communication as suggested by Gabber col. 1 line 20 to col. 2 
line 11. 

4.2. As per claim 2, Xiong and Gabber are directed to the method of claim 1 further
comprising: generating a mapping between the identity information and the temporarily 
assigned identity information; and storing the mapping in a local identity mapping store 
(Gabber col. 12 lines 7-17 teaches that storing the mapping data is in the prior art. Fig. 
5 and associated text shows an alternative embodiment, including a local proxy server, 
which provides mapping data locally. Also see col. 7 lines 25 to 40, teaching storage of 
identity information in a database or alias table). 

5. Claims 3-9, 12-16, 19-24, 27-34 rejected under 35 U.S.C. 103(a) as being
unpatentable over Xiong (US Patent No. 7,096,490, filed March 20, 2002) and further in 
view of Gabber (US Patent No. 5,961,593, dated October 5, 1999), and further in view 
of Gupta (US Patent No. 6,868,448, filed March 12, 1999). 

5.1. As per claim 3, Xiong and Gabber are directed to the method of claim 2 further
comprising, synchronizing the local identity mapping store and the mapping with one or
more additional local identity mapping stores (Gabber teaches storing the identity
information in local or central directories. Synchronizing the local identity mapping store
and the mapping with one or more additional local identity mapping stores was a well
known attribute of distributed directory services systems at the time of invention. 
However, Gabber does not explicitly discuss the mentioned attribute. 

Gupta teaches a Directory Service (col. 16 line 42 to col. 17 line 14), which replicates 
data (entries) in several directory services distributed in different geographical areas. 
Gupta also teaches local application servers, which perform authentication and store 
the related identity information (col. 7 lines 12 to 25). The identity information stored at 
the local servers is automatically updated when the information at the remote server is 
updated. Therefore, Gupta teaches synchronizing the local identity mapping store and
the mapping with one or more additional local identity mapping stores.

Gupta and Gabber are analogous art, as they are both related to locating and providing
data, resources and services to users in a distributed network. At the time of invention, 
it would have been obvious to a person skilled in art to deploy the distributed directory 
service taught by Gupta in the system of Gupta to allow access to user authentication 
data in a distributed network. One motivation to do so would have been balancing the 
load of directory servers as suggested in Gupta col. 18, line 3 to 47. 

5.2. As per claim 4, Xiong, Gabber and Gupta are directed to the method of claim 1 
wherein the generating further includes assembling an aggregate identity configuration 
for the requestor from one or more authoritative identity stores before generating the 
temporarily assigned identity information (Gabber col. 7 line 1 to col. 9 line 65 shows 
that the substitute ID is generated from a universal user ID and password combined 
with site specific data. Therefore, Gabber stores a universal secret from an authoritative 
store before generating substitute IDs). 

5.3. As per claim 5, Xiong, Gabber and Gupta are directed to the method of claim 1 
further comprising, removing the temporarily assigned identity information from the 
protected identity directory after detecting a terminating event that terminates the 
authenticity of the temporarily assigned identity information (Gupta col. 7 lines 12 to 25). 

5.4. As per claim 6, Xiong, Gabber and Gupta are directed to the method of claim 5 
further comprising recycling a storage space occupied by the temporarily assigned 
identity information for use in a subsequent iteration of the method (re-use of the space
previously occupied by deleted data is standard practice in computer systems). 

5.5. As per claims 7-9, Xiong, Gabber and Gupta are directed to the method of claim 
1 further comprising: detecting dynamic changes made on at least a portion of the 
identity information, wherein the changes are detected within the protected identity 
directory; and synchronizing the temporarily assigned identity information and other 
local identity stores with the changes and logging the changes (see response to claim 3. 
It is well known in distributed directory systems to detect a change, update the 
information in the main and other local directory services and log the event). 

6. Limitations of claims 10-34 are substantially the same as limitations of claims 1-9 
above, and the following notes. 

6.1. Claim 21 requires the identity information to include at least one of an
identification, a password, a certificate, a token, a biometric value, a hardware value, a
network connection value, and a time value. Gabber col. 6 lines 59-67 show the identity
information includes a password.

6.2. Claim 23 requires temporarily assigned identity information is randomly or 
deterministically generated. Per Gabber col. 7 lines 1-2, the character string used to 
generate the substitute ID is chosen randomly. 

6.3. Claim 29 requires the mapping is cached and accessible for subsequent uses.
Gupta col. 11 lines 42 to 55 shows caching the data for subsequent use.

6.4. Claims 33 and 34 require direct or indirect access of the service to data store. 
Gupta Fig 4A and 4B show different combination of architectural elements, which allows 
the service provider to directly or indirectly access the directory service. 

Conclusion 

7. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

8. Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Farid Homayounmehr whose telephone number is (571) 
272-3739. The examiner can be normally reached on 9 hrs Mon-Fri, off Monday 
biweekly. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (571) 272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Farid Homayounmehr

9/27/2006

GILBERTO BARRON



